package com.kevis.webCommon.secure.support;

import com.kevis.webCommon.constant.SessionKeyConstant;
import com.kevis.webCommon.constant.UrlConstant;
import com.kevis.webCommon.pojo.ImageCode;
import com.kevis.webCommon.web.exception.auth.CaptchaException;
import com.wf.captcha.utils.CaptchaUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.ServletRequestBindingException;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * 校验验证码过滤器,先去校验验证码,不对就不去校验后续的用户名密码
 * 记得需要在 SecurityConfig 中进行配置启用
 *
 * @Author kevis
 * @Date 2023/3/22 10:59
 */
//@Component
public class SecureCaptchaSupport extends OncePerRequestFilter {
    @Autowired
    private AuthenticationFailureHandler authenticationFailureHandler;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        //只拦截post请求且为登录的方法
//        if((request.getContextPath() + UrlConstant.ADMIN_LOGINP_ROCESSING_URL).equalsIgnoreCase(request.getRequestURI())
//        && "post".equalsIgnoreCase(request.getMethod()))
//        {
//            try {
//                validateCode(request);
//            } catch (CaptchaException e) {
//                authenticationFailureHandler.onAuthenticationFailure(request, response, e);
//                return;
//            }
//        }
        filterChain.doFilter(request, response);
    }

    private void validateCode(HttpServletRequest request) throws ServletRequestBindingException {
        HttpSession session = request.getSession();
        //获取 session存放的验证码
        ImageCode codeInSession = (ImageCode) session.getAttribute(SessionKeyConstant.SESSION_KEY_IMAGE_CODE);

        //获取页面传过来的验证码
        String codeInRequest = ServletRequestUtils.getStringParameter(request, "imageCode");
        if (!StringUtils.hasLength(codeInRequest)) {
            throw new CaptchaException("验证码不能为空！");
        }
        if(codeInSession == null){
            throw new CaptchaException("验证码不存在！");
        }
        if(codeInSession.isExpire()){
            session.removeAttribute(SessionKeyConstant.SESSION_KEY_IMAGE_CODE);
            CaptchaUtil.clear(request);
            throw new CaptchaException("验证码已过期！");
        }
        if (!codeInSession.getCode().equalsIgnoreCase(codeInRequest)) {
            throw new CaptchaException("验证码不正确！");
        }
        session.removeAttribute(SessionKeyConstant.SESSION_KEY_IMAGE_CODE);
        CaptchaUtil.clear(request);
    }
}
